From data to care quality: Why digital security is the backbone of digital health
- 9 hours ago
- 3 min read
Data is indispensable in modern healthcare. Reliable information forms the basis for providing high-quality and safe care. However, precisely because healthcare providers are becoming increasingly dependent on digital data, vulnerability and cyber threats are also on the rise.
The European Union Agency for Cybersecurity identifies ransomware attacks and data breaches as top threats for the healthcare sector, responsible for over 50% and 25% of cyberattacks respectively. Healthcare providers, in particular hospitals, are the most affected (ENISA, 2024). How can you ensure that data remains a strength and doesn’t turn into a vulnerability?
Data within a digital healthcare environment
Digitization is making healthcare more flexible and efficient. Consider hybrid care, in which physical and digital care alternate, or network care, in which care for a patient is spread across multiple organizations. Data plays a key role in all these forms. It enables timely action, informed decision-making and effective collaboration. Access to up-to-date and reliable data helps healthcare providers make the right decisions, thereby contributing to safe, high-quality care. Properly managing this data is therefore a major responsibility for healthcare providers and practitioners.
Where healthcare is most at risk
Healthcare organizations face a variety of vulnerabilities in the domain of digital security. In practice, this means:
Healthcare systems store highly sensitive information, ranging from medical records to financial data
Healthcare providers rely heavily on data; without access to up-to-date information, the quality of care is compromised
Some organizations still use outdated systems that are not sufficiently resistant to the current level of threat
Information security is by no means always structurally embedded within healthcare organizations, often because the primary focus is—understandably—on providing care
Human error remains a risk factor, highlighting the need for awareness and behavioral change
The human factor: Empowering healthcare professionals through smart design
Healthcare professionals form a vital line of defense in digital security. By implementing robust technical and physical safeguards, organizations can reduce the burden on staff and create an environment where secure behavior becomes the natural choice.
Encouraging secure behavior starts with understanding what drives it. Organizations can design interventions that align with people’s motivation, capability and opportunity (the external factors that either facilitate or inhibit the behavior). This approach also helps prevent the use of so-called “shadow IT”, which are unofficial applications and tools. For example, offering secure and user-friendly messaging tools eliminates the need for risky workarounds like personal apps.
These human and digital vulnerabilities mean that the healthcare sector is increasingly confronted with cyber threats. The number of digital attacks within the healthcare sector rose again in 2024, making the protection of sensitive information a priority (Z-CERT, 2024; ISACA, 2025). The impact of this is becoming increasingly apparent, as shown by the recent data breach in that exposed the details of 850,000 women (NOS, 2025).
The way forward: How to start with digital security in digital health?
Digital resilience is indispensable for every healthcare organization. But where do you start? The answer lies in a risk-oriented and integrated approach. This means tailoring organizational, people-oriented, technical and physical measures to the unique situation of your organization. The first steps are clear: start with a thorough risk analysis, establish clear procedures, choose appropriate technologies and provide training for employees.
However, note that digital resilience is not a one-off project. It is an ongoing cycle of evaluation, improvement and adjustment. For healthcare organizations, it is wise to link this improvement cycle to existing quality improvement processes. This ensures that digital security not only remains on the agenda but also becomes an integral part of daily work.
The European Action Plan for Cybersecurity in Healthcare emphasizes the importance of such a structural approach and focuses on prevention, detection, response and deterrence. Legislation and regulations such as NEN 7510, ISO 27001 and the NIS2 directive provide important guidelines and require the addition of organization-wide measures and a supported approach. Through cooperation, awareness, behavioral change and technological innovation, the healthcare sector can strengthen its digital resilience. In this way, digital innovation remains at the service of the primary goal: providing safe, reliable and high-quality care.
Authors: Joost Wagenaar & Cevin Krooneman
Looking to become more digitally resilient? You can feel secure in taking the first step: Reach out to
Joost Wagenaar
Senior Advisor
